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1. Todays Worms vs. Yesterdays Worms 

2. Why Worms Bypass Today's Defenses 

3. Strategy: Focus on the Vulnerability; NOT the Worm 
4. 4 Steps to Worm-Proofing Your Network 

5. How QualysGuard Works: A DEMO 

6. A QualysGuard Success Story: DuPont 

7. The QualysGuard Difference 
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= Time from vulnerability announcement & patch to worm 
creation & execution is shrinking ^ 


— Slammer: Months . m 
— Blaster & Sasser: Weeks B 
— Witty: Days 50 
0 T T 
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= Each new worm is appearing faster and with an 
increasing number of variants 


= Worms are carrying increasingly more deceptive and 
"heavier" payloads 
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= Weakening & expanding network perimeters 

= Inefficient or incomplete assessment processes 
= Information overload 

= Lack of resources (people and funds) 

Lack of knowledge / expertise 
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Yesterday's Security Solutions Will Not Protect 
You From Today's Worms 
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» Antivirus, IDS, and Firewalls are not enough 


— AV agents must be installed and active on every host 
* Problem: Worms can disable AV services 
* Problem: Rogue devices & non-company devices 
* Problem: Devices not in compliance with standards 
— IDS requires manual 'care & feeding' 
* IDS signatures will only find the worm after it is too late 
e Failure to update IDS signatures > IDS won't find worm at all 
— Worms are permeating network and host FWs 
* Worms often come as email attachments, not stopped by FWs 
* FW configurations are not audited frequently enough 
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= Worms can only infect vulnerable systems 
= Most organizations react to worms ‘after the fact 


= Instead - fix the vulnerability before the problem 
arises. Be proactive, not reactive. 
— How? 
e Know your resources 
* Manage your processes 


* |dentify vulnerable systems before they become infected 
e AUTOMATE 
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= — Worm-proofing your network can be as easy as: 


Proactively discover 
devices on your networks 


ad Q um. 
Regularly scan / assess S P 


your devices 


Discovery 


o o 
Analyze the results & — Assessment - 
prioritize mitigation N Á 
activities -— O e 
Analysis 


Manage the vulnerability 
remediation process 
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Technical Report Executive Report 


Summary of Vulnerabilities UEM Summary of Vulnerabilities 
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= Implement a Vulnerability Management solution across a 
large enterprise that is globally dispersed 

= Utilize the same solution across segmented, firewalled 
networks 

= Provide “independently gathered” metric-rich detailed and 
management level reports 

= Integrate the vulnerability management process 

= The solution needs to be: comprehensive, accurate, auto- 
updating, non-harmful to systems and networks, deployed 
quickly, easy to use... 
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Business objectives: 

= Use a service versus build and run internally 

= Don't buy software & hardware. Avoid capital expenditure 

= Low TCO; avoid support, maintenance & misc costs. 

= Proactively prevent worm exposures by eliminating 
vulnerabilities 

Functional objectives: : 

= Deploy a comprehensive VM solution across the enterprise - 

= Implement a "closed loop" approach (finding to fixing) 

» Replace Security Team s tool kit 
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= Globally deployed QualysGuard in weeks 
— Started scanning perimeter immediately 
— Installed 37 scanner appliances 

= Initiated weekly and monthly scanning across the 
enterprise 

= Built 75+ unique groups of assets for scanning, 
reporting and remediation 

= First baseline scan ~60,000 devices 

» Went from reacting to preventing worm outbreaks 
— Zero impact from Sasser 
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= Industry's most accurate & 
comprehensive solution 


= On Demand & Always Up to Date 


= Immediately deployable with no software 
to install 


= ‘Out of the box’ interoperability 


= Built in vulnerability remediation 
workflow 
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= Visit us on the web at http//www.gualys.com/wormproof 
= Try it!...free full feature product trial 


= Contact us at wormproof@dqualys.com 
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